Hi folks, I need some help with this one.
I have a router and an AP set up with the latest firmware and configured them to extend my WiFi coverage.
The AP is an EAP-225 Outdoor running the latest snapshot.
OpenWrt SNAPSHOT r17321-5c88bf896e / LuCI Master git-21.223.61040-6045f58
The second device is a TP-Link TL-WDR4900 v1.
OpenWrt 19.07.8 r11364-ef56c85848 / LuCI openwrt-19.07 branch git-21.189.23240-7b931da
The dumb AP settings are working fine on both devices with regard to my private WiFi.
But I have trouble getting the guest WiFi to work.
I basically used the guide in the documentation section.
I checked other sources also but whatever I try, It's not working so far.
I can see the guest WiFi on my mobile devices and I can connect but IP lease is not working reliably.
Additionally very confusing: During my trials I managed to get an IP maybe twice!
But in general it gets stuck at "Obtaining IP Address..."
This happens exactly the same on both devices.
In this post, user @mpa states " dnsmasq
must be running since the dumb AP is serving DHCP for the guest network."
service dnsmasq status
returns "running"
I appreciate a review of the settings and some ideas what might be wrong.
Here are my settings:
etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
option ipv6 '0'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.158.15'
option netmask '255.255.255.0'
option ip6assign '60'
option peerdns '0'
option dhcpv6 'disabled'
option ipv6 '0'
list dns '192.168.158.7'
config route 'net'
option interface 'lan'
option target '0.0.0.0/0'
option netmask '255.255.255.0'
option gateway '192.168.158.1'
config device
option name 'wlan0'
option ipv6 '0'
config device
option name 'eth0'
option ipv6 '0'
config device
option name 'wlan0-1'
option ipv6 '0'
config device
option name 'wlan1'
option ipv6 '0'
config device
option name 'wlan1-1'
option ipv6 '0'
config interface 'gast'
option proto 'static'
option delegate '0'
list ipaddr '192.168.178.15/24'
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'pci0000:00/0000:00:00.0'
option band '5g'
option htmode 'VHT80'
option channel 'auto'
option country 'DE'
option cell_density '0'
config wifi-device 'radio1'
option type 'mac80211'
option path 'platform/ahb/18100000.wmac'
option band '2g'
option country 'DE'
option cell_density '0'
option htmode 'HT40'
option channel 'auto'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'PRIVATE'
option encryption 'psk2'
option key 'other_pass'
config wifi-iface 'wifinet2'
option device 'radio0'
option mode 'ap'
option ssid 'PRIVATE'
option encryption 'psk2'
option key 'other_pass'
option network 'lan'
config wifi-iface 'wifinet3'
option device 'radio1'
option mode 'ap'
option ssid 'GUEST'
option encryption 'psk2'
option key 'my_pass'
option network 'gast'
config wifi-iface 'wifinet4'
option device 'radio0'
option mode 'ap'
option ssid 'GUEST'
option encryption 'psk2'
option key 'my_pass'
option network 'gast'
/etc/config/firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
option masq '1'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'Support-UDP-Traceroute'
option src 'wan'
option dest_port '33434:33689'
option proto 'udp'
option family 'ipv4'
option target 'REJECT'
option enabled '0'
config include
option path '/etc/firewall.user'
config zone
option name 'gast'
option output 'ACCEPT'
option forward 'REJECT'
list network 'gast'
option input 'REJECT'
option family 'ipv4'
config forwarding
option src 'gast'
option dest 'lan'
config rule
option name 'Gast DHCP'
option src 'gast'
option dest_port '67-68'
option target 'ACCEPT'
option family 'ipv4'
list proto 'udp'
config rule
option name 'Gast DNS'
option src 'gast'
option dest_port '53'
option target 'ACCEPT'
option family 'ipv4'
config rule
option src 'gast'
option dest 'lan'
list dest_ip '192.168.158.0/24'
option target 'DROP'
option family 'ipv4'
option name 'Gast block nach Privat'
list proto 'all'
config rule
option family 'ipv4'
option src 'gast'
option target 'DROP'
option name 'Gast block AP-Config GUI+SSH'
option dest_port '80 22'
/etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option ednspacket_max '1232'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
list ra_flags 'managed-config'
list ra_flags 'other-config'
option ignore '1'
option ra_slaac '0'
option dns_service '0'
option dynamicdhcp '0'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'glan'
option interface 'glan'
option ignore '1'
list ra_flags 'none'
config dhcp 'gast'
option interface 'gast'
option start '100'
option netmask '255.255.255.0'
option leasetime '6h'
option limit '20'
list ra_flags 'none'